Job Description

Job Title: Security & Compliance Lead

Reports To: IT Systems Engineer-Administrator

FLSA Status: Exempt

Prepared Date: October 30, 2025

SUMMARY:

This position will own and mature cybersecurity and compliance programs across VRC Metal Systems (VRC) and companies controlled by VRC. This role is critical for achieving and maintaining

CMMC 2.0 Level 2 Compliance

, safeguarding Controlled Unclassified Information (CUI), and ensuring alignment with

NIST SP 800-171

requirements. The position will collaborate with IT, operations, external partners to implement security controls, monitor compliance, and prepare for third-party assessments.

QUALIFICATIONS:

To perform this job successfully, the individual must be able to perform each essential duty and responsibility in a safe and satisfactory manner. Must be able to wear personal protective equipment as required by the tasks at hand. The requirements listed below are representative of the knowledge, skill, and/or ability required.

Please Note: Applicant will be expected to meet U.S. citizenship requirements for this position due to the nature of the work and required security clearance.

Experience

o 3+ years in IT security, compliance or GPC roles

o Familiarity with DOD Contracting Requirements

Knowledge

o NIST SP 800-171, CMMC 2.0 framework

o Cybersecurity principles, risk management, and audit processes

Certifications (Preferred)

o Security+, CISSP, CISM, or CMMC Certified Professional

Other Essential Skills

o Strong documentation and communication skills

o Ability to manage multiple priorities and work cross-functionally

o Detail orientated with a proactive mindset

ESSENTIAL JOB FUNCTIONS:

Compliance Program Leadership

o Develop, maintain, and execute our Systems Security Plan (SSP) and Plan of Action & Milestones (POA&M)

o Drive readiness for CMMC 2.0 Level 2 certification and ongoing sustainment

o Map and document security controls for NIST SP 800-171 requirements

o Coordinate evidence collection and maintain audit-ready documentation

Security Governance

o Own policy lifecycle: create, review, and update cybersecurity policies and procedures

o Conduct risk assessments and vulnerability management cycles

o Monitor compliance posture and report metrics to leadership

Operational Security

o Oversee identify and access management standards (MFA, Conditional Access)

o Ensure secure configuration baselines for endpoints, services, and cloud services

o Collaborate with MSP and internal IT on patching, logging, and incident response

Training & Awareness

o Develop and deliver security awareness programs for employees

o Act as internal subject matter expert for compliance and security best practices

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Other duties may be assigned.

Salary Range:

$70,000 - $95,000

SUPERVISORY RESPONSIBILITIES:

None

EDUCATION and EXPERIENCE:

Bachelor's degree or higher in engineering and/or IT technology preferred

3+ years in IT security, compliance or GPC roles

LANGUAGE SKILLS:

Read and correctly interpret documents in English such as safety rules, safety data sheets, operating and maintenance instructions, work instructions, procedure manuals, periodicals, journals, and brochures

Write routine reports, correspondence, inventory summaries, and reports in English using prescribed format, and conforming to all rules of punctuation, grammar, diction, and style

Ability to speak effectively in English on the phone and in person with coworkers

Understanding of IT technical terms

MATH SKILLS

Proficient: basic math skills with high attention to detail

COMPUTER SKILLS:

Microsoft Word, Power Point, and Excel at an intermediate level

Proficient in electronic forms of communication including email, web searching, and data organization

Ability to quickly learn computer applications

High level of understanding of Cybersecurity

REASONING ABILITY:

Apply common sense understanding to carry out instructions furnished in written, oral, or diagram form

Read and interpret design documents and schematics

PHYSICAL DEMANDS:

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to stand; walk; use hands to finger, handle, or feel; reach with hands and arms; stoop, kneel, crouch, or crawl; and talk or hear. The employee must regularly lift and/or move up to 25 pounds and frequently lift and/or move up to 50 pounds. The employee must be able to see differences in color, widths, and lengths of lines such as those on design and schematic drawings.

ENVIRONMENTAL CONDITIONS:

Inside: Protection from weather conditions but not necessarily from temperature changes. A job is considered "inside" if the worker spends approximately 75 percent or more of the time inside.

WORK ENVIRONMENT:

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.

Must be able to work effectively in a stressful environment, communicate well with others, effectively deal with internal customers and external vendors and customers, and accept constructive criticism

Must be able to change activity frequently and cope appropriately with interruptions

IMPORTANT NOTE: Essential functions of this job are described under the headings above. The job requirements and features are subject to change from time to time due to the dynamic nature of the Company.

It is the policy of VRC Metal Systems not to discriminate or allow the harassment of employees or applicants on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected veteran status, or any other characteristic protected by law with regard to any employment practices, including recruitment, advertising, job application procedures, hiring, upgrading, training, promotion, transfer, compensation, job assignments, benefits and/or other terms, conditions, or privileges of employment, provided the individual is qualified, with or without reasonable accommodations, to perform the essential functions of the job. This policy applies to all jobs at the Company.

Employees and applicants with disabilities and disabled veterans are encouraged to inform Human Resources if they need a reasonable accommodation to perform a job for which they are otherwise qualified. The Company makes, and will continue to make, reasonable accommodations to the known physical or mental limitations of an otherwise qualified applicant or employee to promote the employment of qualified individuals with disabilities and disabled veterans, unless such accommodations would impose an undue hardship on the operations of the Company's business.

Job Type: Full-time

Pay: $70,000.00 - $95,000.00 per year

Benefits:

401(k) 401(k) matching Dental insurance Health insurance Health savings account Paid time off Vision insurance
Education:

Bachelor's (Required)
Work Location: In person